PRESS RELEASE
Orlando, FL, December 11, 2023 – Fortress Info Safety (Fortress) and CodeSecure right this moment introduced a partnership to supply new capabilities to map open-source software program parts and discover and perceive high quality and safety defects in third get together or business software program. CodeSecure, a number one supplier of software safety testing merchandise, permits Fortress to develop its Software program Invoice of Supplies (SBOM) safety and remediation capabilities.
Fortress cybersecurity specialists’ associate with public sector organizations and important infrastructure stakeholders to fortify each hyperlink within the software program provide chain. CodeSecure helps to establish open-source parts and shared dependencies in software program, containers, and cell/desktop purposes. As well as, CodeSecure conducts binary code evaluation to detect safety vulnerabilities in externally developed software program parts with out entry to supply code.
“SBOMs are a essential device for bolstering our nationwide safety and defending essential infrastructure and protection belongings from nation-state assaults,” stated Alex Santos, CEO of Fortress. “CodeSecure permits us to construct further safety and remediation capabilities that assist our prospects maximize all of the potential of their SBOM deployments.”
The necessity for SBOM transparency is prime and important. New analysis from Fortress discovered that software program vulnerabilities can “lie in wait” for as much as three years earlier than being detected, and 90% of merchandise utilized by U.S. electrical utilities contained software program code developed in Russia or China, which was thrice extra more likely to have essential severity vulnerabilities.
CodeSecure will assist Fortress proceed to develop its SBOM database and supply related threat knowledge to essential industries through the North American Vitality Software program Assurance Database (NAESAD).
“Open-source software program is an assault floor typically exploited by cyber attackers,” stated Andrew Meyer, Chief Advertising Officer of CodeSecure. “The partnership with Fortress will allow our prospects to not solely catalog all their software program parts but in addition detect and remediate vulnerabilities earlier than they are often exploited.”
The businesses will talk about software program provide chain safety challenges and options throughout a webinar on January tenth at 11am ET!
About CodeSecure
Utilized by the world’s most security-conscious organizations to detect, measure, analyze and resolve vulnerabilities for software program they develop or use. CodeSecure merchandise allow fast DevSecOps deployments whereas additionally securing their software program provide chains. CodeSecure has company headquarters in Bethesda MD and publishes TalkSecure, an academic useful resource for product software program builders. Go to us at http://www.codesecure.com and comply with us on LinkedIn and X.
About Fortress Info Safety
Fortress secures North America’s energy and protection provide chains from cyberattacks on operational and important enterprise applied sciences. Fortress’ proprietary know-how platform orchestrates North America’s most superior cyber provide chain threat administration and vulnerability administration applications. Fortress operates the Asset to Vendor community, which supplies essential operators confidence that the services they get hold of from others are cyber-safe. Fortress is a Goldman Sachs Portfolio Firm.
About NAESAD
North American Vitality Software program Assurance Database (NAESAD): An industry-wide collaborative database to create and share Software program Payments of Supplies (SBOM) in merchandise utilized by utilities throughout North America. NAESAD is led by a number of investor-owned utilities (together with AEP, Southern, Xcel, and NiSource) and managed by Fortress Info Safety to create a complete SBOM library for frequent distributors and suppliers.
